Cyber Fraud: State of Play

Ron E Plesco, Jr. Esq.

Partner, DLA Piper LLP (US)

Cyber frauds such as email take overs, identity theft, breaches, ransomware and system disruptions continue to surge.  This is the world we live in—whether we accept it or not.  And for business and government leaders or just us consumers, Ron reminds us that it’s not a matter of if, or when your organization needs to respond to a breach or fraud, it is a matter of establishing Cyber Resiliency and assuming you are being hacked now.  In this talk, this cyberspace expert helps us understand the cyber threats to business and individuals.  He’ll describe the threat landscape and answer how we got here and in so doing will navigate such questions as:

• How did Chinese military hackers steal a decade’s worth of R&D from global corporations?
• How did hackers with Wall Street-fluency breach media and healthcare companies so they could play the market?
• How and why do they steal your Identities and sell them on the Darknet?? Ron will then answer the most pressing question of all?
• How do I protect myself?
• He will a explain the practical steps you can take to prevent these attacks

Beyond just the basics Ron will conclude with a discussion around the new digital “zeitgeist”: how information is being weaponized, and public/consumer opinion is being swayed with surgical precession on your tablet, cell phone TV or laptop.

Ron is an internationally known information security and privacy attorney with over 17 years’ experience in cyber investigations, information assurance, privacy, identity management, computer crime and emerging cyber threats and technology solutions. Ron is a partner at DLA Piper, LLC and a former Principal in KPMG’s Cyber Response Services practice. Ron joined DLA Piper in 2020 after a distinguished career with KPMG and in the private and public sectors and is a frequent speaker nationally. Prior to joining KPMG, Ron was the CEO of the National Cyber Forensics and Training Alliance (NCFTA), where he managed the development of intelligence that led to over 400 worldwide cyber crime arrests in four years and prevented over $2 billion in fraud. Notable NCFTA intelligence-led arrests include Ghost Click, Anonymous, Coreflood and multiple online frauds.

Attacks Against Windows Based Networks, and How to Defend Against Them

Joe Strain

Director, Security, Privacy, and Risk Services

RSM US LLP

Joe will discuss:

• Misconceptions around how data breaches occur, and Windows network security
• Vulnerable protocols that are targeted by attacks
• How these attacks work, and what tools are used
• How to defend against the attacks covered above
• Ways companies can properly harden Windows based systems against attack

Joe Strain is a director at RSM within their security and privacy practice, with over 10 years of cyber security experience. Joe is a system security specialist with experience analyzing network traffic, configuring intrusion detection, endpoint protection, and hardening devices across various platforms. His experience in system administration and computer security allows him to provide valuable insight in understanding and evaluating information systems (IS) security controls, and understanding the security and risk implications of IT-connected business processes.

Security Threats in the Age of Covid-19

John Sancenito, CPP

President, Information Network Associates

Cybercrime was one of the largest threats facing U.S. businesses prior to the start of the pandemic. The outbreak of Covid-19 created a perfect opportunity for criminals to strike. Phishing emails increased by 700% in the two months after businesses closed down.

This presentation will take a 360 Degree Look at security threats in the Age of Covid-19.  A great deal of the workforce was sent home to work remotely with little or no training on how to do so safely.  Many users used unsecure networks and were easy targets for criminals using social engineering experts.   

Struggling businesses have not invested in IT or physical security upgrades, creating prospects for opportunistic criminals to exploit.  As businesses emerge and re-unite their workforce, there are new cyber security threats that will need to be addressed. Many businesses have workers have unpatched software, malware infected devices and employees with bad cyber security habits. This presentation will look back at threats at the beginning of the outbreak, discuss current threats facing business, and offer practical advice on how to address future physical and cyber security threats.

John J. Sancenito is the President and co-owner of Information Network Associates, Inc. (INA); an international investigative and corporate consulting firm headquartered in Harrisburg, Pennsylvania.  INA specializes in providing risk management consulting and intelligence services to high-risk industries around the world. Mr. Sancenito’s professional experience includes more than 12 years as a sworn law enforcement officer.  He is a nationally renowned speaker and has lectured internationally.  He is also an established author who has received many awards and honors, including being selected as the 2010 Security Professional of the Year by the Central Pennsylvania Chapter of ASIS International.

Ransomware 051

Detective Matt Dotts

Derry Township Police Department

It is predicted that ransomware damage-costs will rise to $11.5 billion dollars by the end of 2020 and a new organization will fall victim to a ransomware attack every 14 seconds. Organizations of all sizes need to be hardening their security and take measures to prevent a ransomware event. 

Is your organization making proper data back-ups? Can you actually restore systems from them?

Do you have documented incident response and disaster recovery plans? 

Are you a "big-game hunting" target?

This talk will provide insight into the current threat ransomware poses to organizations and provide action-steps for your organization to better defend against an attack.

Detective Matt Dotts is a twenty-one-year veteran of the Derry Township Police Department where he is assigned to the criminal investigation section. Additionally, he serves as a Task Force Officer with the Cyber Crime Unit of the FBI’s Philadelphia field office.  He is a Certified Financial Crime Investigator, a Certified Economic Crime Forensic Examiner and a GIAC Certified Incident Handler.  He holds a master’s degree in digital forensics and has testified in court as an expert witness. Detective Dotts frequently lectures about cyber-financial crime, Internet security, and the criminal use of digital technology.   

Dark Web Virtual Tour with Appalachia Technologies 

Jason McNew

Sr. Engineer - Risk & Compliance, Appalachia Technologies

Join Jason McNew, cybersecurity veteran, as he takes you through the dark web.  This experience will cover the history and origin, underlying technologies, and will provide a look into the content and what it's being used for today.    

The Impact of Emerging Technologies on Fraud and Forensics 

Donny C. Shimamoto, CPA, CITP, CGMA

Intraprise TechKnowlogies LLC

Using accounting processes as a base, this non-technical session will explore how artificial intelligence, blockchain, cybersecurity, and data governance will play into the accounting ecosystem of processes, apps, and information flows. Obtain an understanding of how these technologies impact internal controls and extended data trails, and thereby can help to prevent or detect fraud, and facilitate forensic investigation. While presented in the accounting context, the concepts you learn from this session should enable you to draw analogies to other non-financial areas and help demystify these emerging technologies for non-techies.

Donny C. Shimamoto, CPA, CITP, CGMA, is the founder and managing director of IntrapriseTechKnowlogies LLC, an advisory-focused CPA firm focused on innovation acceleration and organizational development for small businesses, middle market organizations, and nonprofits. Donny is a recognized thought leader and educator in the fields of accounting technology, innovation, IT-related risk management (including cybsersecurity), and performance management.

Donny serves as a business transformation advisor and outsourced “IT partner” for local & regional firms, finance departments, and internal audit departments, who lack in-house IT executive leadership and IT audit expertise; He helps with risk assessments, development of IT-related advisory services, development of innovation strategies, streamlining of internal firm/department operations, and increasing staff proficiency with IT tools supporting internal operations and accounting services delivery.

Donny also works with larger organizations as a trusted innovation advisor, facilitating digital transformation, innovation  management, IT governance & planning, enterprise architecture, enterprise risk management, information architecture & assurance, business process improvement, financial planning & analysis, and performance improvement initiatives.

A past chairman of the AICPA’s Information Management & Technology Assurance Executive Committee, Donny has been highly involved in several AICPA initiatives including development of an IT Competency Model, and creation of the Digital Transformation module of the CGMA Finance Leadership Academy. Donny has also been involved in the authoring of guidance published by the AICPA on IT Considerations for Risk- Based Auditing and Enterprise Business Intelligence.

Donny is also a frequent speaker and educator on innovation strategies, business intelligence, cybersecurity risk management, project management, performance management, and emerging technologies at many states around the US and internationally. He is also a sought after author and interviewee as a subject matter expert with the distinct skill of making complex topics easier to understand by a “layperson”.

Important information on registration:

Registrants will receive a welcome email from Toby Groves Productions containing a link to the webinar site. This link is specific to each registrant and cannot be shared or transferred. Registrants are encouraged to supply their personal email address when registering to avoid the webinar link email being rejected by their employer email system as junk or spam.

Registrants will also receive webinar reminder emails one week, one day, and one hour before the webinar begins, and the ability to add the webinar date to their calendars. Registrants can log in as early as 20 minutes prior to the start of the webinar